I have an issue with the Cisco Anyconnect Secure Mobility client version 3.0.5080. Each time I connect the VPN client in Windows 7 (x86 or x64) the Anyconnect Secure Mobility Client Connection Adapter moves to the top of the Adapters and Bindings priority list. You can access this list by navigating to Network and Sharing Center --> Change Adapter Settings --> Then clicking on Advanced -->Advaced Settings... (See attached image Fig1)
If I move the Cisco adapter to the bottom of the binding priority list, it is moved back to the top when I reconnect the VPN client. This is causing an issue with a cleint's application where something in the binding order prevents a workbook sync across the VPN with the remote server. The Cisco adapter has to be at the lowest priority in order for the sync to work. I attached a screenshot of the correct binding order (Fig2). Does anyone know how to get the Cisco adapter to keep the binding order I have specified, or will it allways just move itself to the top of the priority list?
This appears to be a Windows 7 "Feature" where the latest network interface to make a connection is moved to the top of the binding order, as Windows assumes it has better information than the previous connection. Otherwise why would you have connected in the first place right?
We are having a similar issue with a client who has an application which when run binds to the NIC highest in the binding order and then uses that MAC address for licensing.
Since the app is only run by 3 devices, we are issuing PCF files and Ipsec VPN for those users as the IPsec VPN falls into windows "VPN Client Adapters" pool of nics on the binding order, and doesn't change when it connects or disconnects.
I can see why Cisco wanted Anyconnect outside that pool, so it would have a higher level of control over the PC and prevent the user from bypassing security by using a higher bound nic card if you deployed the BYOD / Mobility Solution.
There is a setting on the ASA to allow you to run a script on connect, under the anyconnect customization / script in ASDM. Looks like a windows script file might allow you to make a change to this binding order, only issue with that is that we would have to know the UID or whatever for the device in order to create the registry key change for each user, and if they connect form another device we might well break that device by making registry changes to it.
Any comment from Cisco Employee's or Anyconnect Dev / Support team would be appreciated.
Has anyone found a solution to this problem, without administrative rights users cannot mannually re-order the network connections to work arround the issue. Also they should not have to in the first place.
This month, we're excited to bring awareness to a newly formed partnership between Cisco Secure and IBM.
Securing today's dynamic enterprise applications is critical. With hybrid and multi-cloud adoption, traditional network-based security ran into limita...
Listen: https://smarturl.it/CCRS8E42Follow us: twitter.com/CiscoChampion
APIClarity is an open source, cloud-native visibility tool for APIs. It utilizes a Service Mesh framework to capture and analyze API traffic and identify potential risks.
Hello everyone, A new video in the Cisco Secure Terraform Series has just been published. If you are interested in Infrastructure as Code, and Terraform, you don't want to miss out on this amazing series with Jason "Canadian Bacon" Maynard! Newe...
The Cisco Secure Firewall and SecureX teams are looking for feedback from active Secure Firewall users who may or may not have already activated SecureX. Your responses will help us improve the Firepower experience in SecureX. Th...